adding role restriction DAO layer implementation

feature/appm-store/pbac
lasantha 7 years ago
parent d196e3e0e1
commit 460bda420b

@ -30,7 +30,7 @@ public class UnrestrictedRole {
@Exclude @Exclude
private int id; private int id;
private String tenantId; private int tenantId;
private String role; private String role;
@ -42,11 +42,11 @@ public class UnrestrictedRole {
this.id = id; this.id = id;
} }
public String getTenantId() { public int getTenantId() {
return tenantId; return tenantId;
} }
public void setTenantId(String tenantId) { public void setTenantId(int tenantId) {
this.tenantId = tenantId; this.tenantId = tenantId;
} }

@ -45,14 +45,6 @@ public interface ApplicationDAO {
*/ */
void addTags(List<Tag> tags, int applicationId, int tenantId) throws ApplicationManagementDAOException; void addTags(List<Tag> tags, int applicationId, int tenantId) throws ApplicationManagementDAOException;
/**
* To add unrestricted roles for a particular application.
*
* @param unrestrictedRoles unrestrictedRoles that could available the application.
* @throws ApplicationManagementDAOException Application Management DAO Exception.
*/
void addUnrestrictedRoles(List<UnrestrictedRole> unrestrictedRoles, int applicationId, int tenantId) throws ApplicationManagementDAOException;
/** /**
* To check application existence. * To check application existence.
* *

@ -18,7 +18,7 @@
*/ */
package org.wso2.carbon.device.application.mgt.core.dao; package org.wso2.carbon.device.application.mgt.core.dao;
import org.wso2.carbon.device.application.mgt.common.Visibility; import org.wso2.carbon.device.application.mgt.common.UnrestrictedRole;
import org.wso2.carbon.device.application.mgt.core.exception.VisibilityManagementDAOException; import org.wso2.carbon.device.application.mgt.core.exception.VisibilityManagementDAOException;
import java.util.List; import java.util.List;
@ -30,13 +30,18 @@ import java.util.List;
*/ */
public interface VisibilityDAO { public interface VisibilityDAO {
int getVisibilityID(Visibility.Type visibilityType) throws VisibilityManagementDAOException; /**
* To add unrestricted roles for a particular application.
void add(int applicationID, int visibilityTypeID, List<String> allowedList) *
throws VisibilityManagementDAOException; * @param unrestrictedRoles unrestrictedRoles that could available the application.
* @throws VisibilityManagementDAOException Visiblity Management DAO Exception.
*/
void addUnrestrictedRoles(List<UnrestrictedRole> unrestrictedRoles, int applicationId, int tenantId) throws
VisibilityManagementDAOException;
void delete(int applicationId) throws VisibilityManagementDAOException; List<UnrestrictedRole> getUnrestrictedRoles(int applicationId, int tenantId) throws VisibilityManagementDAOException;
Visibility get(int applicationID) throws VisibilityManagementDAOException; void deleteUnrestrictedRoles(List<UnrestrictedRole> unrestrictedRoles, int applicationId, int tenantId) throws
VisibilityManagementDAOException;
} }

@ -112,37 +112,6 @@ public class GenericApplicationDAOImpl extends AbstractDAOImpl implements Applic
} }
} }
@Override
public void addUnrestrictedRoles(List<UnrestrictedRole> unrestrictedRoles, int applicationId, int tenantId) throws ApplicationManagementDAOException {
if (log.isDebugEnabled()) {
log.debug("Request received in DAO Layer to add unrestricted roles");
}
Connection conn;
PreparedStatement stmt = null;
ResultSet rs = null;
int index = 0;
String sql = "INSERT INTO AP_UNRESTRICTED_ROLES (ROLE, TENANT_ID, AP_APP_ID) VALUES (?, ?, ?)";
try{
conn = this.getDBConnection();
conn.setAutoCommit(false);
stmt = conn.prepareStatement(sql);
for (UnrestrictedRole role : unrestrictedRoles) {
stmt.setString(++index, role.getRole());
stmt.setInt(++index, tenantId);
stmt.setInt(++index, applicationId);
stmt.addBatch();
}
stmt.executeBatch();
}catch (DBConnectionException e) {
throw new ApplicationManagementDAOException("Error occurred while obtaining the DB connection when adding roles", e);
}catch (SQLException e) {
throw new ApplicationManagementDAOException("Error occurred while adding unrestricted roles", e);
} finally {
Util.cleanupResources(stmt, rs);
}
}
@Override @Override
public int isExistApplication(String appName, String type, int tenantId) throws ApplicationManagementDAOException { public int isExistApplication(String appName, String type, int tenantId) throws ApplicationManagementDAOException {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {

@ -17,7 +17,9 @@
*/ */
package org.wso2.carbon.device.application.mgt.core.dao.impl.visibility; package org.wso2.carbon.device.application.mgt.core.dao.impl.visibility;
import org.wso2.carbon.device.application.mgt.common.Visibility; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.application.mgt.common.UnrestrictedRole;
import org.wso2.carbon.device.application.mgt.common.exception.DBConnectionException; import org.wso2.carbon.device.application.mgt.common.exception.DBConnectionException;
import org.wso2.carbon.device.application.mgt.core.dao.VisibilityDAO; import org.wso2.carbon.device.application.mgt.core.dao.VisibilityDAO;
import org.wso2.carbon.device.application.mgt.core.dao.common.Util; import org.wso2.carbon.device.application.mgt.core.dao.common.Util;
@ -36,121 +38,106 @@ import java.util.List;
*/ */
public class GenericVisibilityDAOImpl extends AbstractDAOImpl implements VisibilityDAO { public class GenericVisibilityDAOImpl extends AbstractDAOImpl implements VisibilityDAO {
@Override private static final Log log = LogFactory.getLog(GenericVisibilityDAOImpl.class);
public int getVisibilityID(Visibility.Type visibilityType) throws VisibilityManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
try {
Connection connection = getDBConnection();
String sql = "SELECT ID FROM APPM_RESOURCE_TYPE WHERE NAME = ?";
stmt = connection.prepareStatement(sql);
stmt.setString(1, visibilityType.toString().toUpperCase());
resultSet = stmt.executeQuery();
if (resultSet.next()) {
return resultSet.getInt("ID");
}
return -1;
} catch (DBConnectionException e) {
throw new VisibilityManagementDAOException("Error occurred while obtaining the connection " +
"for the visibility management of applications", e);
} catch (SQLException e) {
throw new VisibilityManagementDAOException("Error occurred when trying to get the ID of the" +
" visibility type - " + visibilityType.toString(), e);
} finally {
Util.cleanupResources(stmt, resultSet);
}
}
@Override @Override
public void add(int applicationID, int visibilityTypeID, List<String> allowedList) public void addUnrestrictedRoles(List<UnrestrictedRole> unrestrictedRoles, int applicationId, int tenantId) throws
throws VisibilityManagementDAOException { VisibilityManagementDAOException {
if (log.isDebugEnabled()) {
log.debug("Request received in DAO Layer to add unrestricted roles");
}
Connection conn;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null;
int index = 0;
String sql = "INSERT INTO AP_UNRESTRICTED_ROLES (ROLE, TENANT_ID, AP_APP_ID) VALUES (?, ?, ?)";
try{ try{
Connection connection = getDBConnection(); conn = this.getDBConnection();
String sql = "INSERT INTO APPM_VISIBILITY (VALUE, RESOURCE_TYPE_ID, APPLICATION_ID) VALUES (?, ?, ?)"; conn.setAutoCommit(false);
stmt = connection.prepareStatement(sql); stmt = conn.prepareStatement(sql);
if (allowedList == null) { for (UnrestrictedRole role : unrestrictedRoles) {
stmt.setString(1, null); stmt.setString(++index, role.getRole());
stmt.setInt(2, visibilityTypeID); stmt.setInt(++index, tenantId);
stmt.setInt(3, applicationID); stmt.setInt(++index, applicationId);
stmt.execute();
} else {
for (String allowed : allowedList) {
stmt.setString(1, allowed);
stmt.setInt(2, visibilityTypeID);
stmt.setInt(3, applicationID);
stmt.addBatch(); stmt.addBatch();
} }
stmt.executeBatch(); stmt.executeBatch();
}
}catch (DBConnectionException e) { }catch (DBConnectionException e) {
throw new VisibilityManagementDAOException("Error occurred while obtaining the connection " + throw new VisibilityManagementDAOException("Error occurred while obtaining the DB connection when adding roles", e);
"for adding the visibility mapping for the application ID - " + applicationID, e);
}catch (SQLException e) { }catch (SQLException e) {
throw new VisibilityManagementDAOException("Error occurred while adding the visibility mapping " + throw new VisibilityManagementDAOException("Error occurred while adding unrestricted roles", e);
"for the application ID - " + applicationID, e);
} finally { } finally {
Util.cleanupResources(stmt, null); Util.cleanupResources(stmt, rs);
} }
} }
@Override @Override
public void delete(int applicationId) throws VisibilityManagementDAOException { public List<UnrestrictedRole> getUnrestrictedRoles(int applicationId, int tenantId) throws VisibilityManagementDAOException {
if (log.isDebugEnabled()) {
log.debug("Request received in DAO Layer to get unrestricted roles");
}
Connection conn;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null;
List<UnrestrictedRole> unrestrictedRoles = new ArrayList<>();
UnrestrictedRole unrestrictedRole = null;
int index = 0;
String sql = "SELECT ID, ROLE FROM AP_UNRESTRICTED_ROLES WHERE AP_APP_ID = ? AND TENANT_ID = ?;";
try{ try{
Connection connection = getDBConnection(); conn = this.getDBConnection();
String sql = "DELETE FROM APPM_VISIBILITY WHERE APPLICATION_ID = ?"; conn.setAutoCommit(false);
stmt = connection.prepareStatement(sql); stmt = conn.prepareStatement(sql);
stmt.setInt(1, applicationId); stmt.setInt(++index, applicationId);
stmt.execute(); stmt.setInt(++index, tenantId);
rs = stmt.executeQuery();
while (rs.next()){
unrestrictedRole = new UnrestrictedRole();
unrestrictedRole.setId(rs.getInt("ID"));
unrestrictedRole.setRole(rs.getString("ROLE"));
unrestrictedRoles.add(unrestrictedRole);
}
return unrestrictedRoles;
}catch (DBConnectionException e) { }catch (DBConnectionException e) {
throw new VisibilityManagementDAOException("Error occurred while obtaining the connection " + throw new VisibilityManagementDAOException("Error occurred while obtaining the DB connection when adding roles", e);
"for deleting the visibility mapping for the application ID - " + applicationId, e);
}catch (SQLException e) { }catch (SQLException e) {
throw new VisibilityManagementDAOException("Error occurred while deleting the visibility mapping " + throw new VisibilityManagementDAOException("Error occurred while adding unrestricted roles", e);
"for the application ID - " + applicationId, e);
} finally { } finally {
Util.cleanupResources(stmt, null); Util.cleanupResources(stmt, rs);
} }
} }
public Visibility get(int applicationId) throws VisibilityManagementDAOException { @Override
public void deleteUnrestrictedRoles(List<UnrestrictedRole> unrestrictedRoles, int applicationId, int tenantId) throws VisibilityManagementDAOException {
if (log.isDebugEnabled()) {
log.debug("Request received in DAO Layer to delete unrestricted roles");
}
Connection conn;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet resultSet = null; ResultSet rs = null;
final String visibilityTypeColumn = "VISIBILITY_TYPE"; int index = 0;
final String allowedValColumn = "ALLOWED_VAL"; String sql = "DELETE FROM AP_UNRESTRICTED_ROLES WHERE AP_APP_ID = 1 AND ROLE = 'role1' AND TENANT_ID = -1234;";
try{ try{
Connection connection = getDBConnection(); conn = this.getDBConnection();
String sql = "SELECT APPM_VISIBILITY.VALUE as " + allowedValColumn + ", APPM_RESOURCE_TYPE.NAME AS " + conn.setAutoCommit(false);
visibilityTypeColumn + " FROM APPM_VISIBILITY JOIN APPM_RESOURCE_TYPE " + stmt = conn.prepareStatement(sql);
"ON APPM_VISIBILITY.RESOURCE_TYPE_ID = APPM_RESOURCE_TYPE.ID " +
"WHERE APPM_VISIBILITY.APPLICATION_ID = ?"; for (UnrestrictedRole role : unrestrictedRoles) {
stmt = connection.prepareStatement(sql); stmt.setInt(++index, applicationId);
stmt.setInt(1, applicationId); stmt.setString(++index, role.getRole());
resultSet = stmt.executeQuery(); stmt.setInt(++index, role.getTenantId());
Visibility visibility = new Visibility(); stmt.addBatch();
List<String> allowedVal = new ArrayList<>();
while (resultSet.next()) {
if (visibility.getType() == null) {
visibility.setType(Visibility.Type.valueOf(resultSet.getString(visibilityTypeColumn)));
}
String val = resultSet.getString(allowedValColumn);
if (val != null) {
allowedVal.add(val);
}
}
if (!allowedVal.isEmpty()) {
visibility.setAllowedList(allowedVal);
} }
return visibility; stmt.executeBatch();
}catch (DBConnectionException e) { }catch (DBConnectionException e) {
throw new VisibilityManagementDAOException("Error occurred while obtaining the connection " + throw new VisibilityManagementDAOException("Error occurred while obtaining the DB connection when adding roles", e);
"for getting the visibility mapping for the application ID - " + applicationId, e);
}catch (SQLException e) { }catch (SQLException e) {
throw new VisibilityManagementDAOException("Error occurred while getting the visibility mapping " + throw new VisibilityManagementDAOException("Error occurred while adding unrestricted roles", e);
"for the application ID - " + applicationId, e);
} finally { } finally {
Util.cleanupResources(stmt, resultSet); Util.cleanupResources(stmt, rs);
} }
} }
} }

Loading…
Cancel
Save